Overview
- Description
- Ecosystem Agent version 4 < 4.5.1.2597 and Ecosystem Agent version 5 < 5.1.4.2473 did not properly validate SSL/TLS certificates, which could allow a malicious actor to perform a Man-in-the-Middle and intercept traffic between the agent and N-able servers from a privileged network position.
- Source
- a5532a13-c4dd-4202-bef1-e0b8f2f8d12b
- NVD status
- Awaiting Analysis
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 3.8
- Impact score
- 2.5
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
- Severity
- LOW
Weaknesses
- a5532a13-c4dd-4202-bef1-e0b8f2f8d12b
- CWE-295
Social media
- Hype score
- Not currently trending